Gen:Variant.Kazy.79682-virus - How to remove it manually without losing files on computer?

F-Secure

Re: Gen:Variant.Kazy.79682-virus - How to remove it manually without losing files on computer?

Thanks, Ondrej, for that incredibly informative and enlightening reply!  I will be recommending this article for inclusion in our Tribal Knowledge Base so that others with similar concerns can find the information quickly and rest easily!

 

If anyone has additional questions about this topic, please do post here, so we can make sure we identify all of your questions in our KB article, and share them with all our Community members!

 

// Chrissy

Has somebody helped you? Give Kudos as a way to say "thanks!"
Has your issue been solved? Mark the post using the "Accept as Solution" button to let others know.
Senior Advisor

Re: Gen:Variant.Kazy.79682-virus - How to remove it manually without losing files on computer?

"Needless to say that it is also recommended to make sure that your computer has the latest hotfixes, patches and updates, and just as important your other applications like office programs, PDF reader, browsers, mediaplayers etc. are updated with the latest patches and fixes or upgraded to the latest versions.
Using outdated software will open the most common attack vectors to your computer which can, even if not leading to your PC being actually taken over result in a lot of virus warnings of this sort."

 

 

 

So would not a vulnerability scanner (which a number of AVs have now-eg. BullGuard)  be a good addition to F-Secure (within the program and not an online one) ?

Highlighted
Former F-Secure Employee

Re: Gen:Variant.Kazy.79682-virus - How to remove it manually without losing files on computer?

Indeed it would be a good addition, as this kind of programs don't interfere with the security solution to protect the system.

 

Regards,

Ivan

Regards,
Ivan

Has somebody helped you? Give Kudos as a way to say "thanks!"
Has your issue been solved? Mark the post using the "Accept as Solution" button to let others know.
Former F-Secure Employee

Re: Gen:Variant.Kazy.79682-virus - How to remove it manually without losing files on computer?

Hi guys,

 

I've turned this conversation into a knowledge base article. Many thanks for your contribution!
http://community.f-secure.com/t5/Security-for-PC/Viruses-were-found-but-were-not/ta-p/31309

 

Cheers,

Jenni

 

 

Has somebody helped you? Give Kudos as a way to say "thanks!"
Has your issue been solved? Mark the post using the "Accept as Solution" button to let others know.
Scholar

Re: Gen:Variant.Kazy.79682-virus - How to remove it manually without losing files on computer?

i am reading post on here and was wondering to download a cleaner to rid of this, does the download do it all for me or DO I HAVE TO DELEATE FILES? i do not want to remove it manually. thank you

im looking at blackcats post...

Advocate

Re: Gen:Variant.Kazy.79682-virus - How to remove it manually without losing files on computer?

Don't know what download you're referring to. My understanding is that you may have to kill some processes to be able to delete the files manually. As previously described "F-Secure" can't delete certain files, for example locked files or files inside archives. So for certain types of infections you have to delete the files manually.

I found some additional information on Bitdefender forum saying that Gen:Variant.Kazy is a generic detection for Vundo and that "You don't have to replace the files because they were created by the trojan."

 

To F-Secure

When reading the post by @Ondrej that later @Jenni did a KB article on, I see two things that in my understanding are incorrect:

  • The "advanced process monitoring" setting was removed in IS 2013 and only applies to 2012 and earlier. It's replaced with "Compatibility Mode" that is already off by default for maximum protection.
  • The Online Scanner has no "full scan" option. It scans (only) active processes, memory + additional parts of the file system that typically gets infected, but it does not perform a "full scan".
F-Secure Product Expert

Re: Gen:Variant.Kazy.79682-virus - How to remove it manually without losing files on computer?

NikK is actually right on both accounts.

 

“Advanced Monitoring” still exists in 2013 as functionality, but the dedicated setting has been removed. The logic has changed as well, “Advanced Monitoring” is now enabled by default, and will be disabled if “Compatibility Mode” is ticked.

 

As for the Online Scanner, the latest version also has no options anymore to choose what to scan, and it is somewhat debatable whether it's scan qualifies as “full scan” or not. In terms of malware scanning and removal it does a “full scan on everything that is active”, covering all types of malware, including rootkits. (Online Scanner scans for rootkits in the memory and then boots into Linux to clean them up). What it does not scan are inactive files, closed archives, external media (like USB sticks) or the users e-mails.

 

I based my answer on my general experience without actually checking the new GUIs. My bad.

 

Thanks NikK for spotting this and clearing things up Smiley Happy